Information Security Analyst- Consultant

Transcend Business Solutions
Buffalo, NY Full Time
POSTED ON 2/10/2025
AVAILABLE BEFORE 5/8/2025

Job Description

Title : Information Security Analyst

Location : Buffalo, NY

(Open to remote, but prefer hybrid)

Must be US Citizen or Green Card Holder

Background :

Our top Healthcare client is seeking an Information Security Analyst. This is being driven by a newly released NYS cybersecurity mandate for all hospitals statewide. They would like the consultant to verify the assessment and then execute the requirements. The ideal candidate will have been through similar projects before: if not security compliance projects for hospitals, then security compliance projects for other firms based on a state or government mandate. The broader their role was on the compliance project, the more helpful that will be.

Summary :

Under the direction of the Director - InfoSec GRC, the incumbent will take a lead role and will be responsible for managing and reducing Information Technology, Information Security, Privacy, Regulatory Compliance and Governance, and Cybersecurity risk to the hospital by helping to prioritize and drive remediation efforts throughout the organization. This role will lead several IT and cybersecurity engagements across different cross-functional teams, collaborating with internal, external, and other advisory partners to close out gaps, corrective action plans, exceptions, and non-conformities to meet regulatory compliance. The Analyst partners with Infrastructure, Help Desk, IT, Informatics, Security Operations, Compliance, Privacy, Legal, and Internal Audit to bring policy, procedures / standards and implementation requirements to full compliance and maturity. The Analyst, independently or in collaboration with other stakeholders, owns policy creation and updates, and the planning, coordination and execution of IT and Cybersecurity projects. The Analyst holds team and organization level responsibilities and leads complex, large-scale projects. The incumbent will work with employees and leaders across all facilities, and our partners and affiliates.

Hands-on GRC experience in a clinical environment, a project management background and experience with the New York State Hospital Cybersecurity regulatory mandate are a plus.

Primary Duties Include :

  • Oversees and participates in creation of and updating organizational policies aligned to the cybersecurity needs of the organization, best practices, and regulatory requirements; heavy focus on NYS Hospital Cybersecurity Regulation but inclusive of others such as HIPAA, NIST CSF and PCI.
  • Works closely with control owners and internal and external auditors to ensure requests are completed in time.
  • Assists with evaluating the information security program's effectiveness by developing, monitoring, gathering, tracking, and analyzing information security and compliance metrics for management.
  • Creates, maintains, communicates, and tracks information security policies, procedures / SOPs, and other documentation.
  • Prepares for and facilitates assessments by qualified security assessors for regulations such as HIPAA, NIST CSF and NYS Hospital Cybersecurity Regulation.
  • Designs and documents technical, administrative, and physical controls to ensure the business demonstrates compliance, ensuring that Roswell Park meets both the requirements and intent of its regulatory and compliance obligations.
  • Facilitates the remediation of control gaps and escalates critical issues to leadership.
  • Articulates results of the final assessments to business stakeholders, project sponsors, program managers, and other internal parties.
  • Develops mechanisms to align with the adoption and usage of current and emerging regulations including HIPAA, NIST CSF and NYS Hospital Cybersecurity Regulation.
  • Works with SMEs to interpret and translate controls into remediation items.
  • Leads and manages IT cybersecurity compliance projects from initiation through closure and post-mortem.

Qualifications :

Education and Experience

Bachelor’s degree in Computer Science, Information Systems or a related field and the equivalent of ten (10) years of full-time experience in information security Governance Risk and Compliance.

Experience :

  • 10 years of experience in security GRC with emphasis on leading, managing and conducting concurrent risk assessments, project management skills and knowledgeable in HIPAA, NIST CSF and NYS Hospital Cybersecurity Regulation.
  • 10 years of experience in security GRC with emphasis on leading, managing and conducting concurrent risk assessments
  • Project management skills and knowledge in HIPAA, NIST CSF and NYS Hospital Cybersecurity Regulation are a plus.
  • Experience in a clinical environment is a plus.
Knowledge, Skills, and Abilities

Knowledge of :

  • Excellent technical skills (application and operating system hardening, vulnerability assessments, security audits, TCP/IP, intrusion detection systems, firewalls, etc.)
  • Applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations.
  • Policy, procedure, SOP advisory.
  • Information systems auditing, monitoring, controlling, and assessment process.
  • Incident response management.
  • Penetration Testing, Vulnerability Management.
  • Business Continuity and Disaster Recovery.
  • Risk assessment and management methodology.

Skills in :

  • Developing and implementing enterprise governance, risk, and compliance strategy and solutions.
  • Information technology and cybersecurity project management, planning, and execution.
  • Time and task management.
  • Defining problems, collecting, and analyzing data, establishing facts, and drawing valid conclusions.
  • Using judgment and ingenuity in maintaining objectives and technical standards.

Ability to :

  • Effectively communicate technical issues to diverse audiences, both in writing and verbally.
  • Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing processes.
  • Evaluate and update and / or revise program materials.
  • Comprehend technical background and confer, analyze, and write in an objective, lucid manner.
  • Work as part of a team and / or independently, prioritize multiple tasks, and adapt to needed changes.